Operating system groups are used to map an operating system to specific process types and scripts in Security Incident Response workflows. The scripts define how running processes for the defined operating system groups are retrieved. New operating systems can be added as needed.
Before you begin
Role required: sn_sec_cmn.admin
Procedure
Navigate to All > Security Operations > Utilities > Operating System Groups.
The base system includes scripts for three operating systems:
BSD-based OS
POSIX-based OS
Windows OS
Click New.
Fill in the fields, as needed.
Field: Description
Name: The name of the operating system group.
Description: A description for the operating system group.
Table: The affected table.
Active: Select this check box to activate the operating system group.
Use filter group: Select this check box to use a filter group for locating matching records in the selected table.
Filter group: Select the filter group for locating matching records in the selected table. This field displays only if you selected the Use filter group check box.
Condition: The condition builder fields display only if you did not select the Use filter group check box.
Right-click in the form header and select Save.
The Operating System Related Scripts related list opens.
Click New.
Select scripts that correspond with the workflows you are using to get running processes, services, and/or network statistics.